You are here

T-722: IBM WebSphere Commerce Edition Input Validation Holes Permit Cross-Site Scripting Attacks

September 21, 2011 - 8:15am

Addthis

PROBLEM:

IBM WebSphere Commerce Edition Input Validation Holes Permit Cross-Site Scripting Attacks.

PLATFORM:

WebSphere Commerce Edition V7.0

ABSTRACT:

A remote user can access the target user's cookies (including authentication cookies), if any, associated with the site running the IBM WebSphere software, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.

reference LINKS:

IBM Recommended Fixes for WebSphere Commerce
IBM Support
SecurityTracker Alert ID: 1026074

IMPACT ASSESSMENT:

Medium

Discussion:

Several vulnerabilities were reported in IBM WebSphere. A remote user can conduct cross-site scripting attacks. The impact of some vulnerabilities was not specified. Several scripts do not properly filter HTML code from user-supplied input before displaying the input [CVE-2010-2273, CVE-2010-2274, CVE-2010-2275]. A remote user can cause arbitrary scripting code to be executed by the target user's browser. The code will originate from the site running the IBM WebSphere software and will run in the security context of that site. As a result, the code will be able to access the target user's cookies (including authentication cookies), if any, associated with the site, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user. A flaw in 'iframe_history.html' has unspecified impact [CVE-2010-2272]. A remote user can exploit a flaw in the test or demo components with unspecified impact [CVE-2010-2276]. The vulnerabilities reside in the included 'Dojo' component.

Impact:

A remote user can access the target user's cookies (including authentication cookies), if any, associated with the site running the IBM WebSphere software, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user. The impact of some vulnerabilities was not specified.

Solution:

The vendor has issued a fix (APAR JR40578).
IBM Support

 

Addthis